The United Kingdom's financial operating philosophy always has been one of less regulation. However, fallout from the current subprime credit crisis, which has grown to global proportions, could spark a new approach. Specifically, U.K. regulators are weighing changes that could require banks to deploy reporting technologies that will keep regulators abreast of problems in a more timely manner.
The spur to action in the U.K. came this past September, when mortgage lender Northern Rock was forced to appeal to the Bank of England for emergency funding. The event caused depositors to panic and withdraw their funds -- "an event that is called the first depositor run on a U.K.-based bank in over 100 years," says Bob McDowall, senior analyst, international practice, TowerGroup (Needham, Mass.).
Unlike the FDIC and other regulatory agencies in the U.S., "The Financial Services Authority [along with the U.K. Treasury and Bank of England] historically used broad guidelines, rather than detailed rules, for the banking industry to follow," says Paul Henninger, director of product management, fraud solutions, for Actimize (New York).
However, now this approach is blamed for "what is called 'a collective failure of responsibility and action' among the U.K. Treasury, the Bank of England and the FSA," which are considered responsible for detecting errors in Northern Rock's business operations, TowerGroup's McDowall explains.
To prevent similar incidents in the future, the U.K. government is proposing that the FSA should have more power to require more-detailed, frequent financial information and disclosures from banks. The government could propose this legislation by the end of the first quarter, and a law could be passed by the spring. Once the proposed law is enacted, however, "It could take up to 12 months to determine whether reporting requirements should be more stringent," McDowall adds.
If the law indeed is passed, banks may be required to upgrade or add new systems to support transaction monitoring and auditing processes. These mandatory upgrades also will force financial institutions to dedicate more of their IT budgets to compliance remediations.
"Increased regulations almost always result in increased IT spending, since most regulations require that financial institutions monitor a range of high-risk or highly critical activities, and the need to report on problems within those activities," Actimize's Henninger explains. "However, it will be the penalties, not the regulations, that will really result in major changes in the way banks operate."
The FSA is expected to focus initially on business areas, including market abuse and insider trading, customer data security, and liquidity risk.
Although banks may argue that they already have solutions in place to protect and analyze data, or to present information collected during audits, their existing systems may not suffice going forward. "Whether analytics will be required for monitoring high-risk transactions and processes depends on how serious the regulators are about identifying problems early," Henninger says.
"The new powers could demand that banks upgrade systems or add solutions that better protect customer data and other sensitive information," he says. "While this is already a concern among the FSA, the organization may simply want banks to deploy sound solutions that ensure data will not end up in the wrong hands."